org.nhindirect.stagent.cryptography
Interface Cryptographer

All Known Implementing Classes:

SMIMECryptographerImpl

public interface Cryptographer

Executes the cryptography operations. This include encryption, decryption, and signature generation.

Author:

Greg Meyer, Umesh Madan

Method Summary

void	checkSignature(SignedEntity signedEntity, X509Certificate signerCertificate, Collection<X509Certificate> anchors) Validates that a signed entity has a valid message and signature.
MimeEntity	decrypt(Message message, X509CertificateEx decryptingCertificate) Decrypts a message with the provided certificates private key.
MimeEntity	decrypt(MimeEntity encryptedEntity, Collection<X509CertificateEx> decryptingCertificates) Decrypts an entity with the provided certificates' private key.
MimeEntity	decrypt(MimeEntity encryptedEntity, X509CertificateEx decryptingCertificate) Decrypts an entity with the provided certificate's private key.
org.bouncycastle.cms.CMSSignedData	deserializeEnvelopedSignature(byte[] messageBytes)
org.bouncycastle.cms.CMSSignedData	deserializeEnvelopedSignature(MimeEntity envelopeEntity)
org.bouncycastle.cms.CMSSignedData	deserializeSignatureEnvelope(SignedEntity entity) Extracts the ASN1 encoded signature data from the signed entity.
MimeEntity	encrypt(MimeEntity entity, Collection<X509Certificate> encryptingCertificates) Encrypts an entity using the provided certificates.
MimeEntity	encrypt(MimeEntity entity, X509Certificate encryptingCertificate) Encrypts an entity using the provided certificate.
MimeEntity	encrypt(javax.mail.internet.MimeMultipart mmEntity, Collection<X509Certificate> encryptingCertificates) Encrypts a mulit part MIME entity using the provided certificates.
MimeEntity	encrypt(javax.mail.internet.MimeMultipart entity, X509Certificate encryptingCertificate) Encrypts a mulit part MIME entity using the provided certificate.
SignedEntity	sign(Message message, Collection<X509Certificate> signingCertificates)
SignedEntity	sign(Message message, X509Certificate signingCertificate) Signs a message with the provided certificate.
SignedEntity	sign(MimeEntity entity, Collection<X509Certificate> signingCertificates) Signs an entity with the provided certificates.
SignedEntity	sign(MimeEntity entity, X509Certificate signingCertificate) Signs an entity with the provided certificate.

Method Detail

encrypt

MimeEntity encrypt(javax.mail.internet.MimeMultipart entity,
                   X509Certificate encryptingCertificate)

Encrypts a mulit part MIME entity using the provided certificate.

Parameters:

entity - The entity that will be encrypted.

encryptingCertificate - The public certificates that will be used to encrypt the message.

Returns:

A MimeEntity containing the encrypted part.

encrypt

MimeEntity encrypt(javax.mail.internet.MimeMultipart mmEntity,
                   Collection<X509Certificate> encryptingCertificates)

Encrypts a mulit part MIME entity using the provided certificates.

Parameters:

entity - The entity that will be encrypted.

encryptingCertificates - The public certificates that will be used to encrypt the message.

Returns:

A MimeEntity containing the encrypted part.

encrypt

MimeEntity encrypt(MimeEntity entity,
                   X509Certificate encryptingCertificate)

Encrypts an entity using the provided certificate.

Parameters:

entity - The entity that will be encrypted.

encryptingCertificate - The public certificates that will be used to encrypt the message.

Returns:

A MimeEntity containing the encrypted part.

encrypt

MimeEntity encrypt(MimeEntity entity,
                   Collection<X509Certificate> encryptingCertificates)

Encrypts an entity using the provided certificates.

Parameters:

entity - The entity that will be encrypted.

encryptingCertificate - The public certificates that will be used to encrypt the message.

Returns:

A MimeEntity containing the encrypted part.

decrypt

MimeEntity decrypt(Message message,
                   X509CertificateEx decryptingCertificate)

Decrypts a message with the provided certificates private key.

Parameters:

message - The message that will be decrypted.

decryptingCertificate - The certificate whose private key will be used to decrypt the message.

Returns:

A MimeEntity containing the decrypted part.

decrypt

MimeEntity decrypt(MimeEntity encryptedEntity,
                   X509CertificateEx decryptingCertificate)

Decrypts an entity with the provided certificate's private key.

Parameters:

encryptedEntity - The entity that will be decrypted.

decryptingCertificate - The certificate whose private key will be used to decrypt the message.

Returns:

A MimeEntity containing the decrypted part.

decrypt

MimeEntity decrypt(MimeEntity encryptedEntity,
                   Collection<X509CertificateEx> decryptingCertificates)

Decrypts an entity with the provided certificates' private key.

Parameters:

encryptedEntity - The entity that will be decrypted.

decryptingCertificate - The certificates whose private keys will be used to decrypt the message.

Returns:

A MimeEntity containing the decrypted part.

sign

SignedEntity sign(Message message,
                  X509Certificate signingCertificate)

Signs a message with the provided certificate.

Parameters:

message - The message that will be signed.

signingCertificate - The certificate used to sign the message.

Returns:

A signed entity that consists of a multipart/signed entity containing the original entity and a message signature.

sign

SignedEntity sign(Message message,
                  Collection<X509Certificate> signingCertificates)

sign

SignedEntity sign(MimeEntity entity,
                  X509Certificate signingCertificate)

Signs an entity with the provided certificate.

Parameters:

message - The entity that will be signed.

signingCertificate - The certificate used to sign the message.

Returns:

A signed entity that consists of a multipart/signed entity containing the original entity and a message signature.

sign

SignedEntity sign(MimeEntity entity,
                  Collection<X509Certificate> signingCertificates)

Signs an entity with the provided certificates.

Parameters:

message - The entity that will be signed.

signingCertificates - The certificates used to sign the message.

Returns:

A signed entity that consists of a multipart/signed entity containing the original entity and a message signature.

checkSignature

void checkSignature(SignedEntity signedEntity,
                    X509Certificate signerCertificate,
                    Collection<X509Certificate> anchors)
                    throws SignatureValidationException

Validates that a signed entity has a valid message and signature. The signer's certificate is validated to ensure authenticity of the message. Message tampering is also checked with the message's digest and the signed digest in the message signature.

Parameters:

signedEntity - The entity containing the original signed part and the message signature.

signerCertificate - The certificate used to sign the message.

anchors - A collection of certificate anchors used to determine if the certificates used in the signature can be validated as trusted certificates.

Throws:

SignatureValidationException

deserializeSignatureEnvelope

org.bouncycastle.cms.CMSSignedData deserializeSignatureEnvelope(SignedEntity entity)

Extracts the ASN1 encoded signature data from the signed entity.

Parameters:

entity - The entity containing the original signed part and the message signature.

Returns:

A CMSSignedData object that contains the ASN1 encoded signature data of the message.

deserializeEnvelopedSignature

org.bouncycastle.cms.CMSSignedData deserializeEnvelopedSignature(MimeEntity envelopeEntity)

deserializeEnvelopedSignature

org.bouncycastle.cms.CMSSignedData deserializeEnvelopedSignature(byte[] messageBytes)